A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East.
The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the "libimagecodec.quram.so" component that could allow remote attackers to execute arbitrary
